Best Login/Tracking/Logout Method

Anon

Hello,

I am building a web site and I'll need to allow members to login, surf a bunch of different pages on the site and "hopefully" logout. I am assuming not every user will logout out of the system properly. Also, I will need to know who is currently logged into the system at any given time.

I am wondering if anyone could share their experiences with this sort of system and let me know what the best and most accurate way of going about it. Speed is very important but accuracy is as well.

I am using PHP4/Mysql for this website..

Thanks,
Kevin Young

[deleted]

Sessions. Simple sessions.

When a visitor logs in, you set a var in his session to 'loggedin'.
When he logs out, you set it to 'loggedout'.
At the top of every page you first check if the user has that var set to 'loggedin' if not, redirect him to the logon script.

As for knowing who's online, make a table in the database and store the user's sessionid and date/time when he logs on.
Then, with every page hit you update that data to reflect the current date/time.
If a person's last update was more than 15 minutes (or so) ago, then he's left your site.

PS please tell me you're not planning on putting a stupid message like "there are now 5 people browsing this site" on your pages... please... I always feel sorry when I browse a site and it says I'm the only one browsing it. It makes me feel that if I'm the only one, the site must be cr*p. 🙂